Code should be open, like Ethereum itself.

DeFi only works if the rules are transparent. That means free and open-source software (FLOSS) contracts and frontends that anyone can inspect, audit, or improve.

But not everything calling itself “open source” actually is. Many teams use Business Source License (BSL) a “source-available” license that delays full openness for 1–2 years. While this protects intellectual property, it limits trust and collaboration in the short term.

The Ethereum Foundation’s own Treasury Policy is clear: BSL and other source-available licenses do not qualify as FLOSS.
True DeFi Punk means releasing code under licenses like GPL, AGPL, MIT, or Apache so anyone can fork, audit, and build from day one.

Examples:

• ✅ MakerDAO, Curve -> fully open contracts under FLOSS licenses (e.g., GPL).
• ⚠️ Uniswap v3 (GPL now, originally BUSL), Uniswap v4 (BUSL until 2027), Aave v3 (BUSL) -> source-available with delayed/conditional openness.
• ❌ Closed-source or proprietary projects -> restrict access, no community auditability.

Reflection:
Can you check the license of your favorite protocol? Is it truly open or only partially?

Scoring:

• 0 = closed
• 1 = partly open / delayed license (e.g., BSL)
• 2 = fully FLOSS from the start